Question: An organization is trying to implement least privilege and separation of duties to comply with legal and regulatory requirements regarding limiting access to certain types

An organization is trying to implement "least privilege" and "separation of duties" to comply with legal and regulatory requirements regarding limiting access to certain types of information (e.g. personnel records, financial records, customer records, etc.). Which of the following sets of documents will help the organization identify and justify the granting or revocation of access to information and information systems?

Question 18 options:

None of the listed choices are correct.
Access control lists for existing user accounts including all privileged accounts.
RACI Matrices showing who is responsible, accountable, consulted, and informed with respect to information and business processes.
Comprehensive and complete lists of jobs (roles) and duties (job descriptions) that include information access needs.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related General Management Questions!

Q:

An organization is trying to implement "least privilege" and "separation of duties" to comply with legal and regulatory requirements regarding limiting access to certain types of information ( e . g...

Q:

You are charged with designing an occupational health and safety compliance training program for generic company--see Dyson article copied below: Choose a company in any of the following industries:...

Q:

Case requirements 1.Imagine yourself in Nancy John's position. Recall that Nancy was openly critical of the previous Executive Director (ED). Using the fraud triangle as a guide, speculate on the...

Q:

Please complete the assignment and t explain all the ratios that was use and effect. Table of Contents UNITED STATES SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549...

Q:

Please complete the assignment and t explain all the ratios that was use and effect. Table of Contents UNITED STATES SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549...

Q:

Please complete the assignment and t explain all the ratios that was use and effect. Table of Contents UNITED STATES SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549...

Q:

Please complete the assignment and t explain all the ratios that was use and effect. Table of Contents UNITED STATES SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549...

Q:

3-2 Rite Aid Inventory Surplus Fraud Occupational Fraud comes in many shapes and sizes. The fraud at Rite Aid is one such case. On February 10 th , 2015, the US Attorney?s Office for the Middle...

Q:

Using the U.S. Securities and Exchange Commission?s EDGAR database, select a public company that has consolidated subsidiaries. To minimize the chances of classmates selecting the same company,...

Q:

Please see attached file and answer (1-2 pages) the following questions: - What is the structure of this industry? - Who are the primary players? - What external risks does the industry face? Table...

Q:

Prepare a budget for the following year. Provide your assumptions. Analyze ways to increase funding for next year, as well as to provide greater services to the nonprofits clientele or community...

Q:

During charging, a battery pack loses heat at a rate of 0.2 kW. The electric current flowing into the battery from a 220 V source is measured as 10 amp. Determine (a) Q. (b) Wel, (c) Wext. Include...

Q:

4. A _____________________ is an organized collection of related information stored in a computer file. a. database b. dataset c. field d. record

Q:

18. Write out the put-call parity formula for a firm's stock, debt, and assets. How do the determinants of an option's value impact the present value of the firm's financial distress costs? Provide...